4 HTTP::Cookies, from the libwww-perl library.
6 Docstrings, comments and debug strings in this code refer to the
7 attributes of the HTTP cookie system as cookie-attributes, to distinguish
10 Class diagram (note that BSDDBCookieJar and the MSIE* classes are not
11 distributed with the Python standard library, but are available from
37 import httplib  # only for the default HTTP port
40 debug = False   # set to True to enable debugging via the logging module
54 MISSING_FILENAME_TEXT = ("a filename was not supplied (nor was the CookieJar "
89     If the function is called without an argument, it will use the current
92     The format of the returned string is like "YYYY-MM-DD hh:mm:ssZ",
106     If the function is called without an argument, it will use the current
109     The format of the returned string is like this:
217     None is returned if the format of str is unrecognized, the time is outside
218     the representable range, or the timezone string is not recognized.  If the
221     The timezone in the string may be numerical (like "-0800" or "+0100") or a
222     string timezone (like "UTC", "GMT", "BST" or "EST").  Currently, only the
223     timezone strings equivalent to UTC (zero offset) are known to the function.
225     The function loosely parses the following formats:
237     If the year is given with only 2 digits, the function will select the
238     century that makes the year closest to the current date.
286     As for http2time, but parses the ISO 8601 formats:
305         # XXX there's an extra bit of the timezone I'm ignoring here: is
306         #   this the right thing to do?
333     If the header_values passed as argument contains multiple values, then they
337     follow this syntax (BNF as from the HTTP/1.1 specification, but we relax
338     the requirement for tokens).
413     """Do the inverse (almost) of the conversion done by split_header_words.
448     an unquoted "," in the expires field, so we have to use this ad-hoc
451     XXX This may not make the best possible effort to parse all the crap
469         # names and values are legal (the former will only appear once and will
517     #  the purposes of RFC 2965)?
518     # For the current implementation, what about IPv6?  Remember to look
541          * A is a HDN string and has the form NB, where N is a non-empty
542             name string, B has the form .B', and B' is a HDN string.  (So,
546     domain-matches .c.com, but not the reverse.
549     # Note that, if A or B are IP addresses, the only relevant part of the
550     # definition of the domain-match algorithm is the direct string-compare.
559         # A does not have form NB, or N is the empty string
659     # path characters, we pick UTF-8, as recommended in the HTML 4.0
678           -  H is the host domain name of a host; and,
680           -  H has the form A.B; and
684           -  B has at least one embedded dot, or B is the string "local".
685              then the reach of H is .B.
687        *  Otherwise, the reach of H is H.
712         host U does not domain-match the reach R of the request-host O in the
729     possible to construct Cookie instances that don't comply with the cookie
730     standards.  CookieJar.make_cookies is the factory function for Cookie
732     normalising to the representation used in this class.  CookiePolicy is
734     and returned to the server.
736     Note that the port may be present in the headers, but unspecified ("Port"
737     rather than"Port=80", for example); if this is the case, port is None.
767         # Sigh.  We need to know whether the domain given in the
769         # (as clarified in draft errata).  Needed for the returned $Domain
826     The subclass DefaultCookiePolicy defines the standard rules for Netscape
833         Currently, pre-expired cookies never get this far -- the CookieJar
855     """Implements the standard rules for accepting and returning cookies."""
898         """Return the sequence of blocked domains (as a tuple)."""
901         """Set the sequence of blocked domains."""
911         """Return None, or the sequence of allowed domains (as a tuple)."""
914         """Set the sequence of allowed domains, or None."""
1004                 # XXX This should probably be compared with the Konqueror
1299             #  intact, due to the poorly-specified Netscape Cookie: syntax)
1364         attrs_set is the list of lists of key,value pairs extracted from
1365         the Set-Cookie or Set-Cookie2 headers.
1367         Tuples are name, value, standard, rest, where name and value are the
1368         cookie name and value, standard is a dictionary containing the standard
1370         domain, path and port) and rest is a dictionary containing the rest of
1371         the cookie-attributes.
1389             # cookies should have the Expires cookie-attribute, and V1 cookies
1459         # standard is dict of standard cookie-attributes, rest is dict of the
1468         # set the easy defaults
1606             # For each match, keep the RFC 2965 cookie and ignore the Netscape
1608             # bundled in with the Netscape cookies for this purpose, which is
1652         """Extract cookies from response, where allowable given the request."""
1670         removed.  If given two arguments, cookies belonging to the specified
1672         the cookie with the specified name, path and domain is removed.
1695         Note that the .save() method won't save session cookies anyway, unless
1711         sent back to the server (provided you're using DefaultCookiePolicy),
1712         this method is called by CookieJar itself every so often, and the
1754         Cookies are NOT loaded from the named file until either the .load() or
1787         Raises LoadError (or IOError) if reversion is not successful; the

Indexes created Tue Jun 19 19:05:46 CEST 2018